Skip to content
This repository has been archived by the owner on Sep 1, 2020. It is now read-only.

No iss parameter in rp-3rd_party-init-login test #219

Open
jborgland opened this issue Mar 2, 2020 · 3 comments
Open

No iss parameter in rp-3rd_party-init-login test #219

jborgland opened this issue Mar 2, 2020 · 3 comments

Comments

@jborgland
Copy link

I've tried to execute the rp-3rd_party-init-login test and after hitting the URL that is supposed to initiate the test (in my case https://rp.certification.openid.net:8080/rp/jbd/rp-3rd_party-init-login/kXuRePwN8axr) the browser does get redirected to the login initiation endpoint of my server, but without the iss parameter (which according to the specification is required).

The certification log only shows:

1583142933 init ========== Test tool version:1.2.3 ==========
1583142933 http request {
"endpoint": "/jbd/rp-3rd_party-init-login/kXuRePwN8axr",
"method": "GET"
}
@zandbelt
Copy link

zandbelt commented Mar 5, 2020

you are correct and I'm not sure how this came about but I think you can get around it by adding the "iss" parameter and value to the "initiate_login_uri" that you register for your client; can you confirm?

@jborgland
Copy link
Author

I can confirm that. But in that case the test doesn't at all utilize the ability it has to verify that the RP behaves as expected (by checking that it actually gets a request back, and with the right login_hint, if it provides one, etc).

@zandbelt
Copy link

zandbelt commented Mar 6, 2020

I agree and we will aim to improve that in a future release.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jborgland @zandbelt